TYPSoft FTP Server <= 1.10 Multiple DoS

Medium Nessus Plugin ID 20012


The remote FTP server is affected by multiple denial of service vulnerabilities.


The remote host appears to be using TYPSoft FTP Server, a small FTP server for Windows.

According to its banner, the version of TYPSoft FTP Server installed on the remote host is 1.10 or earlier. Such versions suffer from several denial of service vulnerabilities.

A remote attacker, possibly using anonymous access, can cause the server to stop responding by sending it an 'ABOR' command without any active file transfer in progress or can crash it by sending any one of a number of specially crafted FTP commands.


Remove the affected service or use another product as TYPSoft is no longer supported.

See Also



Plugin Details

Severity: Medium

ID: 20012

File Name: typsoftftp_retr0_dos.nasl

Version: $Revision: 1.26 $

Type: remote

Family: FTP

Published: 2005/10/14

Modified: 2016/11/15

Dependencies: 10092

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:F/RL:U/RC:ND

Vulnerability Information

Required KB Items: ftp/typsoftftp

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2005/10/13

Exploitable With

Core Impact

Reference Information

CVE: CVE-2005-3294, CVE-2009-1668, CVE-2009-4105, CVE-2012-5329

BID: 15104, 34901, 37114, 40181, 51891, 52554

OSVDB: 19992, 54585, 60658, 80577

EDB-ID: 18469, 18615, 8650

CWE: 20